TIXNGO Portal

Page tree

Page History

Versions Compared

Old Version 4

changes.mady.by.user pie [X]

Saved on

compared with

New Version 5

changes.mady.by.user pie [X]

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Image RemovedImage Added

Product release notes

SprintsTeamsModulesProduct features
S1TnGMob

My Profile mandatory information with asterisks * → /!\ This new feature has been deployed only into the preproduction environment yet. It will be deployed in production in January 2023. /!\

https://jira.secutix.com/browse/TIX2-1987 As a wallet user, I see an asterisk ("*") next to mandatory fields.

  • If the gender parameter is optional Image Added if the gender parameter is mandatory: Image Added

S1TnGMob

Registration code: 5 tries and same code for 5 times → /!\ This new feature has been deployed only into the preproduction environment yet. It will be deployed in production in January 2023. /!\

https://jira.secutix.com/browse/TIX2-181 As a wallet user, I receive by email the same registration code 5 times in a row, AND I can try to enter the registration code at a maximum 5 times.

  • As a wallet user, I receive by email the same registration code 5 times in a row (i.e. first email, and then if tapping up to 4 times on "I did not receive my registration code: Resend"), then the registration code changes for the next 5 "Resend" requests, and so on. Sending 5 times the same registration code will help in case of bad network, we want to make sure the end user will enter the correct registration code.

  • As a wallet user, I can enter and confirm a registration code 5 times max, then the wallet will request me to ask for a new registration code. This is a security measure to avoid brut force attack on the backend through API while registering, the backend should grant only 5 tries. After that, the end user will have to ask for a new registration code. The mobile app properly displays and explains the 5 unsuccessful tries and that a new code is required.

S1

TnGBO

2FA to access the AdminTool → /!\ This new feature has been deployed only into the preproduction environment yet. It will be deployed in production in January 2023. /!\

https://jira.secutix.com/browse/TIX2-1157 As a AdminTool 2.0 user, I have to pass a Second Factor Authentification (2FA)

  • In the way to increase the security of the system, the organizer admin-user (AU) can enable/disable a Second Factor Authentification (2FA) on the AdminTool for the users (i.e. support-user (SU), basic-user (BU), moderator (Mod)). The feature is disabled by default. If the organizer also wants to activate the 2FA for the AU, they should contact TIXNGO as an additional service.
  • Experience
    • image-2022-11-16-17-36-01-286.png
    • At the first login, a QR-Code is displayed to set the secret tokens (e.g. in Google Authenticator mobile app).
    • After a first successful login, at the next logins, the user inputs the real time 6-digit secret code (3 attempts max).
    • The AU can force the display of a new QR-Code at the next login if needed (which invalid the previous one).
  • A comprehensive manual is available in the Backoffice manual / 2-Factor Authentication.

...